The API

Email authentication checks, on demand, over HTTP.

Two endpoints — one focused on SPF, DKIM, and DMARC; one covering the full stack including SSL, MX, blacklists, and domain expiry. Pass the domain in the URL, get back letter grades and per-finding detail in JSON. No SDK required.

Request API access Open interactive docs

Endpoints

The API exposes two check endpoints and one liveness probe, all authenticated with an API key passed in the request header.

GET/v1/email-auth/{domain}

SPF, DKIM and DMARC — each graded A–F, with the findings behind the grade.

GET/v1/report/{domain}

Everything above plus SSL/cert expiry, blacklist/DNSBL, MX/DNS health, WHOIS/domain expiry and disposable-domain detection.

GET/health

Unauthenticated liveness + engine version.

Example

A real request and abridged response for the email-authentication endpoint. This sample domain publishes DMARC at p=none — monitoring only — so the grade and findings show exactly what to fix.

Request
# request
curl https://api.lumirallc.com/v1/email-auth/dmarc.fail \
  -H "X-API-Key: YOUR_KEY"
Response (abridged, real)
{
  "domain": "dmarc.fail",
  "overall_grade": "D",
  "overall_score": 62,
  "worst_severity": "warning",
  "checks": {
    "dmarc": {
      "check": "dmarc",
      "title": "DMARC",
      "severity": "warning",
      "score": 50,
      "summary": "DMARC is published but not fully enforcing.",
      "findings": [
        {
          "code": "dmarc_policy_none",
          "severity": "warning",
          "message": "DMARC policy is `p=none` — monitoring only, spoofed mail is still delivered.",
          "recommendation": "Move to `p=quarantine`, then `p=reject`, once reports look clean."
        }
      ],
      "provider": null,
      "latency_ms": 6.2
    }
  }
}

Pricing

Quotas are the plan.

Plans are defined by a monthly request quota. Free is for evaluation — the email-auth check (SPF/DKIM/DMARC) only; the full report (SSL, MX, blacklist, WHOIS) is included on Pro and Business. Prices are being finalized and confirmed when your access is set up; self-serve checkout is coming soon, so for now every plan is provisioned by hand after you request access.

Free
$0
250 checks / month
  • Email-auth check only
  • SPF · DKIM · DMARC grades
  • Full report — Pro & up
Request access
Pro
$29*/mo
10,000 checks / month
  • Both endpoints
  • SPF · DKIM · DMARC grades
  • + Full report (SSL · MX · blacklist · WHOIS)
Request access
Business
$99*/mo
100,000 checks / month
  • Both endpoints
  • SPF · DKIM · DMARC grades
  • + Full report (SSL · MX · blacklist · WHOIS)
Request access

* Placeholder pricing while we finalize. Self-serve checkout is coming soon — for now, plans are set up by hand after you request access.

Request API access

Get a key

We're onboarding early users one at a time — it means we can set the right quota for your use case and answer questions before you write a single line of code. Send an email with your domain and a brief description of what you're building; you'll typically hear back within one business day. Self-serve signup is coming soon; the manual step is deliberate, not a gap.

Email us for access

Explore the full endpoint reference, request and response schemas, and try live calls in the interactive API docs. Open docs.